Selecting a Network Recorder for back-in-time analysis to solve intermittent problems and unexpected events
|
|
- Dwayne Golden
- 8 years ago
- Views:
Transcription
1 Selecting a Network Recorder for back-in-time analysis to solve intermittent problems and unexpected events Often, the only way to get to the root cause of unwelcome or intermittent events that occur on your network is to use a Network Recorder. This is a device that can capture and store packets at full line speed without dropping any packets, and without resorting to packet slicing. In this white paper you will learn when it is important to use a Network Recorder, and key Table of contents Traditional protocol analyzer shortcomings... 2 When you need a network recorder... 2 Risks with the wrong network recorder... 3 Mitigate the risks... 4 Summary considerations when selecting a network recorder for back-in-time forensics analysis.
2 Introduction Network managers often rely on basic protocol analyzers (such as Wireshark) or monitoring devices (such as RMON probes) to keep track of what is happening on their networks. Even sophisticated analyzers and probes, however useful, are still limited by the fact that they are basically traffic sampling devices that provide statistical KPI s. Such devices may sometimes indicate that a persistent problem has occurred, but they cannot go back and investigate the problem in depth, because they have not captured and stored all of the packets related to the problem. The root cause of the problem may remain elusive resulting in finger-pointing and continuing loss of productivity. Shortcomings of traditional protocol analyzers Protocol analyzers on the market today are typically software-based, and are designed to be installed on an ordinary PC. They tend to have one or more of the following limitations: The small size of the capture buffer means that they can only capture a small number of packets, and then it becomes full and either has to stop capturing, or the buffer has to wrap, which often causes important data to be lost. If slicing is used to increase the number of packets that the buffer can hold, the visibility into the payload data is compromised. This often makes it difficult to analyze security problems, compliance problems, and certain kinds of application problems. Ability to monitor multiple locations simultaneously and to correlate the data is often quite limited. This makes it hard to get the full picture when there are redundant paths, load-balancing, or asymmetric flows. There is often a lack of sufficient analysis capability at remote locations. An operator might need to bring the contents of an entire buffer across the network before it can be analyzed. The protocol analyzer may be unable to open a large trace file, or may run very slowly when it tries to open one. When do you need a Network Recorder? It is getting ever more important to have the whole picture that includes the payload of packets to resolve problems. Here are a few situations that especially need the help of a good Network Recorder: During data center consolidation or virtualization. Less servers or data centers will be handling more traffic. There will be increased traffic going into fewer network segments that operate at very high speeds, up to 10 Gbps with high rates of utilization. The traffic from such segments quickly overwhelms the traditional analyzer s capture buffer, and very little traffic is kept for later in-depth analysis. Networks are more stable but there are more problems that occur intermittently and can occur at any time. The only way to be sure of finding the offending packet(s) is to capture and store all of them. When new applications are deployed, unexpected behavior happens because of interoperability issues between different application tiers or incompatibility with configuration of network interconnecting equipment: packet partition by gateway, delay expectation from tier to tier and IP port blocked by the firewall. Root cause analysis of these problems require not only response time measurement but detailed analysis of the payload. There are attempts to gain unauthorized access to the network. Even the best IDS/IPS will miss some of the intrusion. These often occur outside of normal working hours, and might only come to light if all the packets are captured and stored. Network security and operation teams need to understand the methods used by the intruder by reviewing the traffic payload so that proper countermeasures can be made to block future unauthorized access. Other unexpected events such as application performance problems caused by moving assets across VM which starts a broadcast storm and cripples the application and even the network. Some employees are making inappropriate use of your company s network by downloading and watching streaming video. 2
3 You need to assess whether this excess bandwidth consumption is impacting productivity or placing unacceptable strains on the network. Being able to reconstruct the actual video content would help deliver impact answers and provide evidence for corrective actions. A simple analogy There is a difference between simply knowing that a problem exists and actually finding the root cause of that problem. Consider this situation. You park your car in the parking lot of a shopping center and go inside to make a few purchases. When you return to your car, you find that one of the doors has been severely dented and there is no note left behind. You know that you have a problem, but that s all you know. Now consider how the situation might be different if there were one or more security cameras covering the area. By replaying the video from the security cameras, you are able to see that a truck has backed into the door, and you have the license number of the truck. You now have enough information to pass on to your insurance company, who can track down the driver and work out a settlement. The security cameras in this situation are analogous to the Network Recorders on your network. Risks that arise from not having the right Network Recorder Not having a Network Recorder, or having one that lacks certain key features, can result in these problems: False positive there appears to be a problem, but it would turn out to be benign if you could only reconstruct the full transaction in detail. False negative a problem goes undetected because some of the evidence is lost. Functional teams engage in finger pointing ( it s not us, it s them ) because there is not enough evidence to pinpoint the cause of a problem. Intermittent problem a problem is detected, but by the time a portable analyzer is brought to the offending network segment, the problem is not happening. No user friendly analysis capability there are enough packets stored, but the desired information cannot be found because the Network Recorder does not provide a quick and easy way to retrieve the desired information from the huge quantity of stored packets. Key points to consider when choosing a Network Recorder Visibility Performance Capacity Redundancy Ease of use How many links can one recorder connect to and what kind of topology can it link to? What is the throughput to disk (not to memory) with no packet loss? How much will turning on real-time monitoring or data analysis affect the throughput? Is the storage specified based on raw storage or real data storage available? Is there a way to filter or slice traffic so that only relevant data is stored? Is RAID 5 or 10 used? If not, what happens when the hard disk fails? Will data be lost? How much work does it take to recover the system and/or the data? How difficult is it to analyze the data captured? Can data collected from different parts of the network be easily aggregated, segmented and analyzed to get to the root cause? 3
4 How to mitigate the risks You can mitigate these risks by having one or more Network Recorders installed. It is important, however, to scrutinize the Network Recorder specifications to ensure that the one(s) you buy are a good match to your needs. Here are some key questions to ask: How many points on the network are considered to be mission critical in the sense that poor performance at those points would have a serious adverse effect on the business? Consider installing enough Network Recorders to capture traffic at each such point. What is the bandwidth at each point? Make sure that the Network Recorder installed there can capture and store packets at full line rate without dropping any packets. How long would you need to capture packets in order to have a good representation of all the events that can occur? Multiply this time by a generous estimate of network utilization. Then make sure that the Network Recorder has at least that much storage capacity. Be sure to consider the capacity actually available for storing packets. Some Network Recorders use as much as 30% of the raw disk space for long operating system and other overhead. Is there a way to preserve critical data so that it will not be overwritten when the capture disk wraps? Data in a Network Recorder is typically organized in records (blocks of data defined by beginning and ending times). Does the Network Recorder have the ability to lock individual records so that they cannot be overwritten? Is capture performance vulnerable to conflicts with real-time monitoring or other features? Make sure that there is not an unsatisfactory tradeoff between monitoring and capture functions. This would defeat the main purpose of using a Network Recorder. Is there enough redundancy in the hard disk system to assure total capture in the event of a hard disk failure? For example, a RAID 5/10 disk system is much more reliable than a RAID 0 disk system. Are the individual hard disks easily swappable or need a service technician to replace? This may mean taking the risk of having sensitive data exposed. Is there an effective hardware filter capability that can restrict capture to specific kinds of packets that you may be watching for? When the tester is monitoring the network through a SPAN port, sometimes a packet may appear multiple times as it transverses in and out of the switch. Does the tester have the mechanism to de-duplicate the frame during capture saving capacity and confusion? Are there display filters that can be applied to postcapture analysis, so that the screen is not full of irrelevant data that makes it hard to see your specific area of interest? For example, are there filters for specific kinds of VoIP traffic, specific caller and callee based on their ID, and/or VoIP-specific problems? Is there a pattern-matching capability that can isolate the flow that contains a pattern in one of the packets in the flow? Is there a user-friendly analysis capability that makes it easy to see results in a self-evident display? This is important, because it assures that you don t need a network expert to use the Network Recorder. Can multiple Network Recorders be accessed and controlled from one or more remote locations? This helps you get a complete picture when problems involve more than one network segment. Can information gathered from multiple network segments be merged and correlated? Look for a sophisticated multi-segment capability. Be sure that packets are stored with precise (nanosecond) timing information, so that data from different segments can be properly synchronized. Are there both rackmount and portable versions available? In general, you should have rackmounted Network Recorders installed on your mission-critical segments, and portable Network Recorders available to be connected to other segments when those segments become relevant to an investigation. 4
5 Summary There can be serious problems that pose major risks to your network, but sometimes these problems occur rarely or are intermittent. A Network Recorder is the most valuable tool you can use for detecting and analyzing such problems. However, it is important to carefully scrutinize the specifications before buying one or more Network Recorders. This white paper is written to help you select the right Network Recorder for back-in-time analysis for identifying unexpected events and solving intermittent problems on your network. Fluke Network provides a line of Network Time Machine products. These are Network Recorders with a variety of capture speeds and storage capacities. Both rackmount and portable versions are available. For more information visit: /ntm Back-in-Time Application-Centric Forensics Analysis from Using a unique, application-centric approach to network forensics, the Network Time Machine (NTM) and ClearSight Analyzer (CSA) from simplify and expedite root cause identification. The Network Time Machine (NTM) is a bestin-class, stream-to-disk product that records network traffic, then indexes and categorizes the data. The NTM Atlas software lets you rewind and review the events and background information to extract the data you need to the built-in ClearSight Analyzer*. The ClearSight Analyzer is integrated with the Network Time Machine to provide an intuitive, easy-to-use interface for unparalleled application-centric analysis to provide quick answers. With the NTM and CSA you can record, identify, and analyze current and past network traffic to view activity as it happens or go back days or weeks to quickly: Resolve application performance problems without looking at packets Back-in-time isolation of the root cause of intermittent application events Provide evidence to trace the sequence of events leading up to critical performance events, and security or compliance issues Troubleshoot issues anywhere from the application level to the packet level Debug equipment and application performance before rolling out new solutions To learn more about Back-in-Time Network Forensics Analysis, visit: /ntmresources *CSA software is integrated in NTM and is also available separately to install protocol analysis capabilities on a PC. Contact : Phone (US/Canada) or (other locations). info@flukenetworks.com. P.O. Box 777, Everett, WA USA operates in more than 50 countries worldwide. To find your local office contact details, go to /contact Fluke Corporation. All rights reserved. Printed in U.S.A. 07/ B D-ENG-N 5
Network Time Machine Fastest all-in-one appliance for back in time network and application analysis
Network Time Machine Fastest all-in-one appliance for back in time network and application analysis Network Time Machine is a high-performance stream-to-disk appliance designed to continuously monitor
More informationNetwork Time Machine Fastest all-in-one appliance for back in time network and application analysis
Network Time Machine Fastest all-in-one appliance for back in time network and application analysis Network Time Machine is a high-performance stream-to-disk appliance designed to continuously monitor
More informationDiagnosing the cause of poor application performance
Diagnosing the cause of poor application performance When it comes to troubleshooting application performance issues, there are two steps you can take to make diagnosis easier, faster and more accurate.
More informationObserver Probe Family
Observer Probe Family Distributed analysis for local and remote networks Monitor and troubleshoot vital network links in real time from any location Network Instruments offers a complete line of software
More informationOptiView. Total integration Total control Total Network SuperVision. Network Analysis Solution. No one knows the value of an
No one knows the value of an Network Analysis Solution Total integration Total control Total Network SuperVision integrated solution better than network engineers and Fluke Networks. Our Network Analysis
More informationOptiView. Total integration Total control Total Network SuperVision. Network Analysis Solution. No one knows the value of an
No one knows the value of an Network Analysis Solution Total integration Total control Total Network SuperVision integrated solution better than network engineers and Fluke Networks. Our Network Analysis
More informationApplication-Centric Analysis Helps Maximize the Value of Wireshark
Application-Centric Analysis Helps Maximize the Value of Wireshark The cost of freeware Protocol analysis has long been viewed as the last line of defense when it comes to resolving nagging network and
More informationObserver Probe Family
Observer Probe Family Distributed analysis for local and remote networks Monitor and troubleshoot vital network links in real time from any location Network Instruments offers a complete line of software
More informationManaging Network Bandwidth to Maximize Performance
Managing Network Bandwidth to Maximize Performance With increasing bandwidth demands, network professionals are constantly looking to optimize network resources, ensure adequate bandwidth, and deliver
More informationObserver Analysis Advantages
In-Depth Analysis for Gigabit and 10 Gb Networks For enterprise management, gigabit and 10 Gb Ethernet networks mean high-speed communication, on-demand systems, and improved business functions. For enterprise
More informationSimplify VoIP Network Setup and Troubleshooting with NetTool VoIP
Simplify VoIP Network Setup and Troubleshooting with NetTool VoIP Introduction As businesses search for new ways to cut costs and increase efficiency, they are moving their phone systems to VoIP (voice
More informationDiagnosing the cause of poor application performance
Diagnosing the cause of poor application performance When it comes to troubleshooting application performance issues, there are two steps you can take to make diagnosis easier, faster and more accurate.
More informationWhite Paper. The Ten Features Your Web Application Monitoring Software Must Have. Executive Summary
White Paper The Ten Features Your Web Application Monitoring Software Must Have Executive Summary It s hard to find an important business application that doesn t have a web-based version available and
More informationBusiness case for VoIP Readiness Network Assessment
Business case for VoIP Readiness Network Assessment Table of contents Overview... 2 Different approaches to pre-deployment assessment:.......... 2 Other considerations for VoIP pre-deployment... 3 The
More informationTroubleshooting VoIP and Streaming Video Problems
Using the ClearSight Analyzer to troubleshoot the top five VoIP problems and troubleshoot Streaming Video With the prevalence of Voice over IP and Streaming Video applications within the enterprise, it
More informationBeyond Monitoring Root-Cause Analysis
WHITE PAPER With the introduction of NetFlow and similar flow-based technologies, solutions based on flow-based data have become the most popular methods of network monitoring. While effective, flow-based
More informationSolving Monitoring Challenges in the Data Center
Solving Monitoring Challenges in the Data Center How a network monitoring switch helps IT teams stay proactive White Paper IT teams are under big pressure to improve the performance and security of corporate
More informationNetwork Instruments white paper
Network Instruments white paper USING A NETWORK ANALYZER AS A SECURITY TOOL Network Analyzers are designed to watch the network, identify issues and alert administrators of problem scenarios. These features
More informationNetwork Forensics Buyer s Guide
TM Network Forensics Buyer s Guide Network forensics the recording and analysis of network traffic is a powerful tool for finding proof of security attacks, and it has become an essential capability for
More informationMonitoring your WAN When, What and How
Monitoring your WAN When, What and How Even though WAN performance monitoring tools have been available for close to a decade, less than a quarter of US WAN links are monitored by enterprises either by
More informationBest Practices for Network Monitoring How a Network Monitoring Switch Helps IT Teams Stay Proactive
White Paper Best Practices for Network Monitoring How a Network Monitoring Switch Helps IT Teams Stay Proactive 26601 Agoura Road, Calabasas, CA 91302 Tel: 818.871.1800 Fax: 818.871.1805 www.ixiacom.com
More informationCisco Prime Network Analysis Module Software 5.1 for WAAS VB
Cisco Prime Network Analysis Module Software 5.1 for WAAS VB Network administrators need multifaceted visibility into the network and application to help ensure consistent and cost-effective delivery of
More information5 Steps to Avoid Network Alert Overload
5 Steps to Avoid Network Alert Overload By Avril Salter 1. 8 0 0. 8 1 3. 6 4 1 5 w w w. s c r i p t l o g i c. c o m / s m b I T 2011 ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic, the ScriptLogic
More informationHow To Monitor A Network With A Network Probe
Network Monitoring and Analysis Techniques Using Taps and SPAN Switches Networks have evolved into complex structures supporting critical business processes and communications. As this complexity has increased,
More informationTesting VoIP on MPLS Networks
Application Note Testing VoIP on MPLS Networks Why does MPLS matter for VoIP? Multi-protocol label switching (MPLS) enables a common IP-based network to be used for all network services and for multiple
More informationEfficient Network Monitoring Access
Abstract Organizations that rely on the reliability, security, and performance of their networks can no longer afford to wait for outages or security breaches to occur before installing test access points.
More informationWhite Paper: Validating 10G Network Performance
White Paper: Validating 10G Network Performance TABLE OF CONTENTS» Introduction» The Challenge of Testing 10G Connections» 10G Network Performance Test with Path Visibility» What Settings to Use» Measuring
More informationDistributed Monitoring Pervasive Visibility & Monitoring, Selective Drill-Down
Distributed Monitoring Pervasive Visibility & Monitoring, Selective Drill-Down Rony Kay www.cpacket.com, 2012 Pervasive Visibility, Monitoring, and Drill Down cpacket delivers solutions for intelligent
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationSNMP Monitoring: One Critical Component to Network Management
Network Instruments White Paper SNMP Monitoring: One Critical Component to Network Management Although SNMP agents provide essential information for effective network monitoring and troubleshooting, SNMP
More informationTest Equipment Depot - 800.517.8431-99 Washington Street Melrose, MA 02176 - TestEquipmentDepot.com. Application Advisor
Test Equipment Depot - 800.517.8431-99 Washington Street Melrose, MA 02176 - TestEquipmentDepot.com NetAlly Application Advisor Monitor End User Experience for Local and Remote Users, Distributed Sites
More informationIBM SECURITY QRADAR INCIDENT FORENSICS
IBM SECURITY QRADAR INCIDENT FORENSICS DELIVERING CLARITY TO CYBER SECURITY INVESTIGATIONS Gyenese Péter Channel Sales Leader, CEE IBM Security Systems 12014 IBM Corporation Harsh realities for many enterprise
More informationWireless Network Analysis. Complete Network Monitoring and Analysis for 802.11a/b/g/n
Wireless Network Analysis Complete Network Monitoring and Analysis for 802.11a/b/g/n Comprehensive Wireless Network Management Made Simple From deploying access points to baselining activity to enforcing
More informationWeb Analytics Understand your web visitors without web logs or page tags and keep all your data inside your firewall.
Web Analytics Understand your web visitors without web logs or page tags and keep all your data inside your firewall. 5401 Butler Street, Suite 200 Pittsburgh, PA 15201 +1 (412) 408 3167 www.metronomelabs.com
More informationObserver Analyzer Provides In-Depth Management
Comprehensive Wireless Network Management Made Simple From deploying access points to baselining activity to enforcing corporate security policies, the Observer Performance Management Platform is a complete,
More informationFirewalls Overview and Best Practices. White Paper
Firewalls Overview and Best Practices White Paper Copyright Decipher Information Systems, 2005. All rights reserved. The information in this publication is furnished for information use only, does not
More informationRouting & Traffic Analysis for Converged Networks. Filling the Layer 3 Gap in VoIP Management
Routing & Traffic Analysis for Converged Networks Filling the Layer 3 Gap in VoIP Management Executive Summary Voice over Internet Protocol (VoIP) is transforming corporate and consumer communications
More informationApplication Visibility and Monitoring >
White Paper Application Visibility and Monitoring > An integrated approach to application delivery Application performance drives business performance Every business today depends on secure, reliable information
More informationNetwork Management and Monitoring Software
Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the
More informationwhitepaper Network Traffic Analysis Using Cisco NetFlow Taking the Guesswork Out of Network Performance Management
whitepaper Network Traffic Analysis Using Cisco NetFlow Taking the Guesswork Out of Network Performance Management Taking the Guesswork Out of Network Performance Management EXECUTIVE SUMMARY Many enterprise
More informationNetwork Client. Troubleshooting Guide FREQUENTLY ASKED QUESTIONS
Network Client Troubleshooting Guide 1 Network Client Troubleshooting Guide The first section of this guide answers some frequently asked questions (FAQs) about the operation of Intellex and the Network
More informationMulti Stage Filtering
Multi Stage Filtering Technical Brief With the increasing traffic volume in modern data centers, largely driven by e-business and mobile devices, network and application performance monitoring has become
More informationHigh-Performance Network Data Capture: Easier Said than Done
Introduction Network data capture is an essential tool for all IT disciplines. It has proven to be the best way to find and fix the most difficult performance issues and network outages, because it is
More informationUsing Palo Alto Networks to Protect the Datacenter
Using Palo Alto Networks to Protect the Datacenter July 2009 Palo Alto Networks 232 East Java Dr. Sunnyvale, CA 94089 Sales 866.207.0077 www.paloaltonetworks.com Table of Contents Introduction... 3 Granular
More informationAnalyzing Full-Duplex Networks
Analyzing Full-Duplex Networks There are a number ways to access full-duplex traffic on a network for analysis: SPAN or mirror ports, aggregation TAPs (Test Access Ports), or full-duplex TAPs are the three
More informationApplication Compatibility Best Practices for Remote Desktop Services
Application Compatibility Best Practices for Remote Desktop Services Introduction Remote Desktop Services in Windows Server 2008 R2 allows Windows Server to be accessed by multiple users concurrently to
More informationQuestion: 3 When using Application Intelligence, Server Time may be defined as.
1 Network General - 1T6-521 Application Performance Analysis and Troubleshooting Question: 1 One component in an application turn is. A. Server response time B. Network process time C. Application response
More informationNetwork Troubleshooting with the LinkView Classic Network Analyzer
November 2, 1999 www.wwgsolutions.com Network Troubleshooting with the LinkView Classic Network Analyzer Network Troubleshooting Today The goal of successful network troubleshooting is to eliminate network
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning
More informationSecurity is one of the biggest concerns today. Ever since the advent of the 21 st century, the world has been facing several challenges regarding the security of people, economy, and infrastructure. One
More informationAppResponse Xpert RPM Integration Version 2 Release Notes
AppResponse Xpert RPM Integration Version 2 Release Notes RPM Integration provides additional functionality to the Riverbed OPNET AppResponse Xpert real-time application performance monitoring solution.
More informationTesting Network Performance with Real Traffic
Testing Network Performance with Real Traffic Mike Danseglio 1. 8 0 0. 8 1 3. 6 4 1 5 w w w. s c r i p t l o g i c. c o m / s m b I T 2011 ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic, the
More informationFundamentals of VoIP Call Quality Monitoring & Troubleshooting. 2014, SolarWinds Worldwide, LLC. All rights reserved. Follow SolarWinds:
Fundamentals of VoIP Call Quality Monitoring & Troubleshooting 2014, SolarWinds Worldwide, LLC. All rights reserved. Introduction Voice over IP, or VoIP, refers to the delivery of voice and multimedia
More informationConfiguring and Managing Token Ring Switches Using Cisco s Network Management Products
Configuring and Managing Token Ring Switches Using Cisco s Network Management Products CHAPTER 12 Cisco offers several network management applications that you can use to manage your Catalyst Token Ring
More informationCisco Bandwidth Quality Manager 3.1
Cisco Bandwidth Quality Manager 3.1 Product Overview Providing the required quality of service (QoS) to applications on a wide-area access network consistently and reliably is increasingly becoming a challenge.
More informationProven techniques and best practices for managing infrastructure changes
Proven techniques and best practices for managing infrastructure changes When a business expands an existing facility, adds a new location, incorporates an influx of new users, or upgrades an existing
More informationPCI Security Scan Procedures. Version 1.0 December 2004
PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting
More informationHow To Use A Network Instrument Ntap
ntap Product Family Provides monitoring and security devices with complete visibility into full-duplex networks Network Instruments ntaps let you monitor and analyze full-duplex links. ntaps are critical
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations
More informationExpert Reference Series of White Papers. VMware vsphere Distributed Switches
Expert Reference Series of White Papers VMware vsphere Distributed Switches info@globalknowledge.net www.globalknowledge.net VMware vsphere Distributed Switches Rebecca Fitzhugh, VCAP-DCA, VCAP-DCD, VCAP-CIA,
More informationGaining Operational Efficiencies with the Enterasys S-Series
Gaining Operational Efficiencies with the Enterasys S-Series Hi-Fidelity NetFlow There is nothing more important than our customers. Gaining Operational Efficiencies with the Enterasys S-Series Introduction
More informationB&B ELECTRONICS WHITE PAPER. Managed Ethernet Switches - Key Features for a Powerful Industrial Network
Determinism is the assurance that control/communication will occur in a set period of time. Ethernet was nondeterministic at first, and not widely used for industrial purposes. Ethernet switches designed
More informationIP Office Technical Tip
IP Office Technical Tip Tip no: 195 Release Date: October 26, 2007 Region: GLOBAL Using Packet Capture Software To Verify IP Network VoIP Quality Of Service (QoS) Operation Converged networks can experience
More informationManaging Central Monitoring in Distributed Systems
Managing Central Monitoring in Distributed Systems White Paper Author: Daniel Zobel, Documentation and Support at Paessler AG Published: August 2010 PAGE 1 OF 11 Contents Introduction... 3 The probe principle
More informationTraffic Analysis With Netflow. The Key to Network Visibility
Summary Today, Enterprises know that the WAN is one of their most important assets. It needs to be up and running 24x7 for the enterprise to function smoothly. To make this possible, IT administrators
More informationDatasheet: Visual Performance Manager and TruView Advanced MPLS Package with VoIPIntegrity (SKU 01923)
Datasheet: Visual Performance Manager and TruView Advanced MPLS Package with VoIPIntegrity (SKU 01923) Key Features: The everything software bundle for application aware network monitoring for remote sites
More informationHIGH-PERFORMANCE SOLUTIONS FOR MONITORING AND SECURING YOUR NETWORK A Next-Generation Intelligent Network Access Guide OPEN UP TO THE OPPORTUNITIES
HIGH-PERFORMANCE SOLUTIONS FOR MONITORING AND SECURING YOUR NETWORK A Next-Generation Intelligent Network Access Guide OPEN UP TO THE OPPORTUNITIES Net Optics solutions dramatically increase reliability,
More informationSecuring Physical and Virtual IT Assets Without Hardware Firewalls or VLANs
white paper Securing Physical and Virtual IT Assets Without Hardware Firewalls or VLANs A New Approach: An Identity-Aware Network Inside the Perimeter Introduction For security administrators at large
More informationLOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE The Tripwire VIA platform delivers system state intelligence, a continuous approach to security that provides leading indicators of breach
More informationSecure Access Complete Visibility
PACKET CAPTURE APPLIANCE PACKET CAPTURE APPLIANCE PACKET CAPTURE APPLIANCE PACKET CAPTURE APPLIANCE Intrusion Detection Switch TAP Data Recorder VoIP Analyzer Switch Secure Access Complete Visibility Web
More informationTraffic Analysis with Netflow The Key to Network Visibility
Traffic Analysis with Netflow The Key to Network Visibility > WHITEPAPER Executive Summary Enterprises today, know that the WAN is one of their most important assets. It needs to be up and running 24x7
More informationDatasheet. Cover. Datasheet. (Enterprise Edition) Copyright 2015 Colasoft LLC. All rights reserved. 0
Cover Datasheet Datasheet (Enterprise Edition) Copyright 2015 Colasoft LLC. All rights reserved. 0 Colasoft Capsa Enterprise enables you to: Identify the root cause of performance issues; Provide 24/7
More informationCisco Virtual Office Unified Contact Center Architecture
Guide Cisco Virtual Office Unified Contact Center Architecture Contents Scope of Document... 1 Introduction... 1 Platforms and Images... 2 Deployment Options for Cisco Unified Contact Center with Cisco
More informationDMZ Network Visibility with Wireshark June 15, 2010
DMZ Network Visibility with Wireshark June 15, 2010 Ashok Desai Senior Network Specialist Intel Information Technology SHARKFEST 10 Stanford University June 14-17, 2010 Outline Presentation Objective DMZ
More informationNetwork Agent Quick Start
Network Agent Quick Start Topic 50500 Network Agent Quick Start Updated 17-Sep-2013 Applies To: Web Filter, Web Security, Web Security Gateway, and Web Security Gateway Anywhere, v7.7 and 7.8 Websense
More informationNetwork Instruments white paper
Network Instruments white paper ANALYZING FULL-DUPLEX NETWORKS There are a number ways to access full-duplex traffic on a network for analysis: SPAN or mirror ports, aggregation TAPs (Test Access Ports),
More informationQuick Start for Network Agent. 5-Step Quick Start. What is Network Agent?
What is Network Agent? The Websense Network Agent software component uses sniffer technology to monitor all of the internet traffic on the network machines that you assign to it. Network Agent filters
More informationVoIP Reliability in Managed Service Deployments
1 VoIP Reliability in Managed Service Deployments Technical White Paper Introduction This White Paper introduces the Aspen 365 family of network appliances and explains how service providers offering a
More informationHow to Manage a Virtual Network Infrastructure
3 Steps to Server Virtualization Visibility Each enterprise has its own reasons for moving to virtual infrastructure, but it all boils down to the demand for better and more efficient server utilization.
More informationWHITE PAPER. Network Traffic Port Aggregation: Improved Visibility, Security, and Efficiency
WHITE PAPER Network Traffic Port Aggregation: Improved Visibility, Security, and Efficiency www.ixiacom.com 915-6893-01 Rev. A, July 2014 2 Table of Contents Summary... 4 Introduction... 4 Differing Goals
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,
More informationOverview of NetFlow NetFlow and ITSG-33 Existing Monitoring Tools Network Monitoring and Visibility Challenges Technology of the future Q&A
Overview of NetFlow NetFlow and ITSG-33 Existing Monitoring Tools Network Monitoring and Visibility Challenges Technology of the future Q&A What is NetFlow? Network protocol originally developed by Cisco
More informationIncrease Simplicity and Improve Reliability with VPLS on the MX Series Routers
SOLUTION BRIEF Enterprise Data Center Interconnectivity Increase Simplicity and Improve Reliability with VPLS on the Routers Challenge As enterprises improve business continuity by enabling resource allocation
More informationUnified network traffic monitoring for physical and VMware environments
Unified network traffic monitoring for physical and VMware environments Applications and servers hosted in a virtual environment have the same network monitoring requirements as applications and servers
More informationFirewall and UTM Solutions Guide
Firewall and UTM Solutions Guide Telephone: 0845 230 2940 e-mail: info@lsasystems.com Web: www.lsasystems.com Why do I need a Firewall? You re not the Government, Microsoft or the BBC, so why would hackers
More informationNetwork Security Forensics
Network Security Forensics As hacking and security threats grow in complexity and organizations face stringent requirements to document access to private data on the network, organizations require a new
More informationHow To Create An Intelligent Infrastructure Solution
SYSTIMAX Solutions Intelligent Infrastructure & Security Using an Internet Protocol Architecture for Security Applications White Paper July 2009 www.commscope.com Contents I. Intelligent Building Infrastructure
More informationSOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013
SOUTHERN POLYTECHNIC STATE UNIVERSITY Snort and Wireshark IT-6873 Lab Manual Exercises Lucas Varner and Trevor Lewis Fall 2013 This document contains instruction manuals for using the tools Wireshark and
More informationMonitoring and Managing Voice over Internet Protocol (VoIP)
Network Instruments White Paper Monitoring and Managing Voice over Internet Protocol (VoIP) As with most new technologies, Voice over Internet Protocol (VoIP) brings new challenges along with the benefits.
More informationIP SAN Best Practices
IP SAN Best Practices A Dell Technical White Paper PowerVault MD3200i Storage Arrays THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES.
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationApplication Notes. Introduction. Contents. Managing IP Centrex & Hosted PBX Services. Series. VoIP Performance Management. Overview.
Title Series Managing IP Centrex & Hosted PBX Services Date July 2004 VoIP Performance Management Contents Introduction... 1 Quality Management & IP Centrex Service... 2 The New VoIP Performance Management
More informationApplication Performance Management
Application Performance Management Intelligence for an Optimized WAN xo.com Application Performance Management Intelligence for an Optimized WAN Contents Abstract 3 Introduction 3 Business Drivers for
More informationVerifying the IEC 61850 Configuration and Assessing the Communication Network during Commissioning
1 Verifying the IEC 61850 Configuration and Assessing the Communication Network during Commissioning Dr. Fred Steinhauser, OMICRON, Austria Abstract Although IEC 61850 is sometimes just called the "new
More informationAn Integrated CyberSecurity Approach for HEP Grids. Workshop Report. http://hpcrd.lbl.gov/hepcybersecurity/
An Integrated CyberSecurity Approach for HEP Grids Workshop Report http://hpcrd.lbl.gov/hepcybersecurity/ 1. Introduction The CMS and ATLAS experiments at the Large Hadron Collider (LHC) being built at
More informationBeyond Monitoring Root-Cause Analysis
WHITE PAPER With the introduction of NetFlow and similar flow-based technologies, solutions based on flow-based data have become the most popular methods of network monitoring. While effective, flow-based
More informationNine Use Cases for Endace Systems in a Modern Trading Environment
FINANCIAL SERVICES OVERVIEW Nine Use Cases for Endace Systems in a Modern Trading Environment Introduction High-frequency trading (HFT) accounts for as much as 75% of equity trades in the US. As capital
More information